Commit 8af8979f authored by ale's avatar ale

Fix X-Frame-Options header

parent d1e6a380
......@@ -12,7 +12,7 @@ func WithDynamicHeaders(h http.Handler, csp string) http.Handler {
hdr.Set("Pragma", "no-cache")
hdr.Set("Cache-Control", "no-store")
hdr.Set("Expires", "-1")
hdr.Set("X-Frame-Options", "NONE")
hdr.Set("X-Frame-Options", "deny")
hdr.Set("X-XSS-Protection", "1; mode=block")
hdr.Set("X-Content-Type-Options", "nosniff")
if csp != "" && hdr.Get("Content-Security-Policy") == "" {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment